<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>将上传的文件移动到新位置</title>
<link media="all" rel="stylesheet" type="text/css" href="styles/03e73060321a0a848018724a6c83de7f-theme-base.css" />
<link media="all" rel="stylesheet" type="text/css" href="styles/03e73060321a0a848018724a6c83de7f-theme-medium.css" />

 </head>
 <body class="docs"><div class="navbar navbar-fixed-top">
  <div class="navbar-inner clearfix">
    <ul class="nav" style="width: 100%">
      <li style="float: left;"><a href="function.mkdir.html">« mkdir</a></li>
      <li style="float: right;"><a href="function.parse-ini-file.html">parse_ini_file »</a></li>
    </ul>
  </div>
</div>
<div id="breadcrumbs" class="clearfix">
  <ul class="breadcrumbs-container">
    <li><a href="index.html">PHP Manual</a></li>
    <li><a href="ref.filesystem.html">文件系统函数</a></li>
    <li>将上传的文件移动到新位置</li>
  </ul>
</div>
<div id="layout">
  <div id="layout-content"><div id="function.move-uploaded-file" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">move_uploaded_file</h1>
  <p class="verinfo">(PHP 4 &gt;= 4.0.3, PHP 5, PHP 7, PHP 8)</p><p class="refpurpose"><span class="refname">move_uploaded_file</span> &mdash; <span class="dc-title">将上传的文件移动到新位置</span></p>

 </div>
 <div class="refsect1 description" id="refsect1-function.move-uploaded-file-description">
  <h3 class="title">说明</h3>
  <div class="methodsynopsis dc-description">
   <span class="methodname"><strong>move_uploaded_file</strong></span>(<span class="methodparam"><span class="type">string</span> <code class="parameter">$from</code></span>, <span class="methodparam"><span class="type">string</span> <code class="parameter">$to</code></span>): <span class="type">bool</span></div>

  <p class="para rdfs-comment">
   本函数检查并确保由 <code class="parameter">from</code>
   指定的文件是合法的上传文件（即通过 PHP 的 HTTP POST
   上传机制所上传的）。如果文件合法，则将其移动为由
   <code class="parameter">to</code> 指定的文件。
  </p>
  <p class="para">
   这种检查显得格外重要，如果上传的文件有可能会造成对用户或本系统的其他用户显示其内容的话。
  </p>
 </div>


 <div class="refsect1 parameters" id="refsect1-function.move-uploaded-file-parameters">
  <h3 class="title">参数</h3>
  <p class="para">
   <dl>
    
     <dt>
<code class="parameter">from</code></dt>

     <dd>

      <p class="para">
       上传的文件的文件名。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">to</code></dt>

     <dd>

      <p class="para">
       移动文件到这个位置。
      </p>
     </dd>

    
   </dl>

  </p>
 </div>

 
 <div class="refsect1 returnvalues" id="refsect1-function.move-uploaded-file-returnvalues">
  <h3 class="title">返回值</h3>
  <p class="para">
   成功时返回 <strong><code>true</code></strong>。
  </p>
  <p class="para">
   如果 <code class="parameter">from</code>
   不是合法的上传文件，不会出现任何操作，<span class="function"><strong>move_uploaded_file()</strong></span>
   将返回 <strong><code>false</code></strong>。
  </p>
  <p class="para">
   如果 <code class="parameter">from</code>
   是合法的上传文件，但出于某些原因无法移动，不会出现任何操作，<span class="function"><strong>move_uploaded_file()</strong></span>
   将返回 <strong><code>false</code></strong>。此外还会发出一条警告。
  </p>
 </div>


 <div class="refsect1 examples" id="refsect1-function.move-uploaded-file-examples">
  <h3 class="title">范例</h3>
  <p class="para">
   <div class="example" id="example-2205">
    <p><strong>示例 #1 Uploading multiple files</strong></p>
    <div class="example-contents">
<div class="phpcode"><code><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br />$uploads_dir&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">'/uploads'</span><span style="color: #007700">;<br />foreach&nbsp;(</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">"pictures"</span><span style="color: #007700">][</span><span style="color: #DD0000">"error"</span><span style="color: #007700">]&nbsp;as&nbsp;</span><span style="color: #0000BB">$key&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #0000BB">$error</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;(</span><span style="color: #0000BB">$error&nbsp;</span><span style="color: #007700">==&nbsp;</span><span style="color: #0000BB">UPLOAD_ERR_OK</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$tmp_name&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">"pictures"</span><span style="color: #007700">][</span><span style="color: #DD0000">"tmp_name"</span><span style="color: #007700">][</span><span style="color: #0000BB">$key</span><span style="color: #007700">];<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #FF8000">//&nbsp;basename()&nbsp;可以防止遍历攻击文件系统；<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;//&nbsp;进一步验证/清理文件名可能是合适的<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$name&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">basename</span><span style="color: #007700">(</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">[</span><span style="color: #DD0000">"pictures"</span><span style="color: #007700">][</span><span style="color: #DD0000">"name"</span><span style="color: #007700">][</span><span style="color: #0000BB">$key</span><span style="color: #007700">]);<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">move_uploaded_file</span><span style="color: #007700">(</span><span style="color: #0000BB">$tmp_name</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">"</span><span style="color: #0000BB">$uploads_dir</span><span style="color: #DD0000">/</span><span style="color: #0000BB">$name</span><span style="color: #DD0000">"</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;}<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</code></div>
    </div>

   </div>
  </p>
 </div>


 <div class="refsect1 notes" id="refsect1-function.move-uploaded-file-notes">
  <h3 class="title">注释</h3>
  <blockquote class="note"><p><strong class="note">注意</strong>: 
   <p class="para">
    <span class="function"><strong>move_uploaded_file()</strong></span> 对
    <a href="ini.core.html#ini.open-basedir" class="link">open_basedir</a> 是敏感的。不过，限制只针对
    <code class="parameter">to</code> 路径，因为允许移动上传的文件名
    <code class="parameter">from</code>
    可能会与这些限制产生冲突。<span class="function"><strong>move_uploaded_file()</strong></span>
    仅作用于通过 PHP 上传的文件以确保这个操作的安全性。
   </p>
  </p></blockquote>
  <div class="warning"><strong class="warning">警告</strong>
   <p class="para">
    如果目标文件已经存在，将会被覆盖。
   </p>
  </div>
 </div>

 
 <div class="refsect1 seealso" id="refsect1-function.move-uploaded-file-seealso">
  <h3 class="title">参见</h3>
  <p class="para">
   <ul class="simplelist">
    <li class="member"><span class="function"><a href="function.is-uploaded-file.html" class="function" rel="rdfs-seeAlso">is_uploaded_file()</a> - 判断文件是否是通过 HTTP POST 上传的</span></li>
    <li class="member"><span class="function"><a href="function.rename.html" class="function" rel="rdfs-seeAlso">rename()</a> - 重命名一个文件或目录</span></li>
    <li class="member">参见<a href="features.file-upload.html" class="link">文件上传处理</a>一章中的简单使用例子。</li>
   </ul>
  </p>
 </div>

</div></div></div></body></html>